[sysadmin-bin] Recreate router-certs with renewed certificates for OCP4



commit 09ea4fb2094b34816cd459b75acc7af0799277ee
Author: Bartłomiej Piotrowski <bpiotrowski gnome org>
Date:   Tue Mar 8 10:46:00 2022 +0100

    Recreate router-certs with renewed certificates for OCP4

 certbot/cleanup-hook | 4 ++++
 1 file changed, 4 insertions(+)
---
diff --git a/certbot/cleanup-hook b/certbot/cleanup-hook
index 613936b..3a7369f 100755
--- a/certbot/cleanup-hook
+++ b/certbot/cleanup-hook
@@ -39,6 +39,10 @@ def main():
 
     base_domain = ".".join(domain.split(".")[-2:])
 
+    if domain == "apps.openshift4.gnome.org":
+        subprocess.run(["oc", "-n", "openshift-ingress", "delete", "secret", "router-certs"], check=True)
+        subprocess.run(["oc", "-n", "openshift-ingress", "create", "secret", "tls", "router-certs", 
f"--cert=/srv/letsencrypt/config/live/{domain}/fullchain.pem", "--key", 
f"/srv/letsencrypt/config/live/{domain}/privkey.pem"], check=True)
+
     with tempfile.TemporaryDirectory() as tmpdir:
         repo = pygit2.clone_repository("/git/dns.git", tmpdir)
         if not repo:


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]